Your computer needs to be updated again. Microsoft has just released the April 2024 Windows patch, which fixes a whopping 149 defects. While all of these vulnerabilities need to be fixed as soon as possible, this update is particularly important because two of the 149 vulnerabilities are zero-days.
A zero-day vulnerability is a known security vulnerability. This means that at least someone somewhere is not only aware of the vulnerability, but also exploiting it to attack others. The April 2024 update patches two such zero-day vulnerabilities, meaning your PC is particularly vulnerable to them until you install the patch.
The first zero-day vulnerability (numbered CVE-2024-26234) is an agent driver spoofing vulnerability. Microsoft would not disclose more information about the vulnerability, but cybersecurity firm Sophos said it discovered a malicious executable (Catalog.exe) signed by Microsoft Windows Hardware Compatibility Publisher. The executable is associated with publisher Hainan Youhu Technology Co., Ltd., which also publishes LaiXi Android Screen Mirroring, which is used to control batches of smartphones for mass social media marketing campaigns.
The malicious file is embedded within an authentication program, which now contains a working backdoor that manages network traffic on the victim's system. Sophos says there is no evidence that LaiXi intended to embed the malware into their programs, nor that the bad actors embedded the malware themselves, so it's unclear how this happened.
The second zero-day vulnerability, numbered CVE-2024-26234, is a SmartScreen Prompt Security Feature Bypass vulnerability that could allow bad actors to bypass a PC's Microsoft Defender Smartscreen system. Bad actors can send malicious files via email or other messaging platforms and need to trick victims into opening their malicious files using a launcher that bypasses the system UI.
These two zero-day vulnerabilities are reasons to install the patches immediately, but there are many other vulnerabilities fixed, making this an important update. One of the flaws could allow bad actors to steal credentials from the system via the Microsoft Azure Kubernetes service secrets container. While Microsoft is not aware of anyone actively exploiting this flaw in the wild, you should not put yourself in a vulnerable position if someone figures out how to exploit it.
How to install the April 2024 patch on your computer
To install this patch on your PC, go to Start > Settings > Windows Update (Windows 11) or Start > Settings > Update & Security > Windows Update (Windows 10) , then click Check for updates . Once you see the update, install it.
